Perhaps the only saving grace is that currently the attack appears to be more focused on earning revenue through advertising affiliate schemes than infecting the computers visiting hacked webpages. But the problem is still serious.

Depending on site and whether or not it runs ads, I would suspect that this hack could go unnoticed for quite a while. Kudos to the evil genius who came up with this idea.